Thank you for reaching out. I believe you took a backup of the config before the upgrade from 6.4.13 to 7.0.12. And usually if you downgrade the firmware to 6.4.13 and you restore the same backup it should be on same state as you left it prior upgrade.
Regarding "Upgrading to an earlier firmware version, like 7.2.5" , this is a later version than 7.0.12. You can try to upgrade and share the results.
Regards! If you have found a solution, please like and accept it to make it easily accessible for others.
Upgrading to 7.2.5 will help only if it is a bug in 7.0.12 and the fix is available in 7.2.5. I did a quick search , but couldn't find any matching bugs.
Instead of an upgrade/downgrade during problem state, can we manually enable the policies? How many such policies are there ? May be you can download the config backup after upgrade and then use a text editor to change/replace disable to enable and then reload the configuration (please make sure only the policies are changed and no other settings changed enabled/disabled)
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
After upgrading the Fortigate 201F firmware version, from 6.4.13 to 7.0.12, the existing configured VPN SSL Policies changed from enable to disable
When we do the rollback from 7.0.12 to 6.4.13 version, the policies continue in disable, probably because the rollback "catches" those changes, made in 7.0.12 version, in the policies configuration, and "brings" them to the 6.4.13 version
Subsequently, we have to manually enable all of them, which is not viable, when there are many policies
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.